Reputation: 8295
Sitecore Items - Programmatically test if anonymous user has permission
I'm trying to test if items can be viewed by an anonymous user:
var anon = User.FromName("domain\\Anonymous");
if (item.Security.CanRead(anonymousUser))
return true;
But it always returns true, even when I know that for particular items, they must have a certain role to view it, as I can see from the access viewer:
Upvotes: 2
Views: 871
Answers (1)
Reputation: 2635
The responsible crawler -which actually executes ComputeFieldValue code- is designed in such way to wrap this code in a SecurityDisabler. That is why it is not possible inside a computed field to verify whether has access to the field or not.
Sitecore does recommend to do the security check during the search (ootb) but indeed the TotalResults do not match if you do - which sucks ;)
If you would try to get security in the index - first try to find a solution for keeping the item security updated. E.g. if you would break inheritance somewhere, how would your index know what items to update? ...
Upvotes: 1
Related Questions
- Check whether the allow anonymous is on or not in ASP.NET Core
- How to check whether user has any role?
- Sitecore: Render item for which the user does not have read access
- Sitecore 8 users access rights
- Sitecore Permissions - How to grant access to item for a role, but deny everyone else
- Sitecore Item Access Rights
- Anonymous access to Sitecore item
- determine roles that have access to an item in Sitecore - in code
- sitecore get list of protected items
- How to query items based on permissions?